iPOSpays Gateways WC Missing Authorization Vulnerability in REST API Endpoint

Vulnerability

A vulnerability exists in the iPOSpays Gateways WC plugin for WordPress in versions up to and including 1.3.7. The issue stems from a missing authorization check on a REST API endpoint, which allows unauthenticated users to read and modify the plugin's settings. This includes the ability to overwrite critical payment gateway configuration such as live API keys, secret keys, and payment tokens, all of which are stored in the 'woocommerce_ipospays_settings' option.

Impact

Exploitation of this vulnerability allows unauthorized users to change important payment gateway settings, potentially leading to fraudulent transactions or unauthorized access to payment information.

Reproduction

To reproduce this vulnerability, send a POST request to the '/wp-json/ipospays/v1/save_settings' endpoint without authentication, including the parameters for the settings to be changed. Because the endpoint performs no authorization check, the changes are applied successfully.

Remediation

No patch is currently available. Users are advised to review the vulnerability details and consider uninstalling the affected plugin.
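Until a fixed release exists, site operators can gate the affected route themselves. The following must-use plugin is an added example, not code from the iPOSpays Gateways WC plugin or from this advisory's author: it hooks WordPress's 'rest_request_before_callbacks' filter, which runs before a route's permission and main callbacks, and rejects requests to the settings route unless the caller holds a capability. The route path comes from the advisory; the choice of 'manage_woocommerce' as the required capability is an assumption to adjust for your site.

```php
<?php
/**
 * Plugin Name: iPOSpays REST settings guard (interim mitigation)
 *
 * Added example, not code from the iPOSpays Gateways WC plugin. Place this
 * file in wp-content/mu-plugins/ so it loads on every request. It refuses
 * calls to the settings route named in the advisory unless the caller is an
 * authenticated user with the assumed capability 'manage_woocommerce'.
 */

// Route path as reported in the advisory, without the /wp-json prefix.
const IPOSPAYS_GUARDED_ROUTE = '/ipospays/v1/save_settings';

/**
 * Runs before any REST callback for the matched route (including a missing
 * or permissive permission_callback) and blocks unauthorized callers.
 *
 * @param mixed           $response Existing short-circuit response, if any.
 * @param array           $handler  Matched route handler (unused here).
 * @param WP_REST_Request $request  The incoming request.
 * @return mixed WP_Error to block the request, otherwise $response unchanged.
 */
function ipospays_guard_settings_route( $response, $handler, $request ) {
    // Only act on the affected route; every other endpoint is untouched.
    if ( $request->get_route() !== IPOSPAYS_GUARDED_ROUTE ) {
        return $response;
    }

    // The authorization check the endpoint lacks: cookie-authenticated
    // callers also need a valid X-WP-Nonce for current_user_can() to see
    // them as logged in, which is WordPress's normal REST behaviour.
    if ( ! current_user_can( 'manage_woocommerce' ) ) {
        // Leave a trace for incident response; the request body is not logged
        // because it may carry API keys or tokens.
        error_log( sprintf(
            'ipospays guard: blocked %s %s from %s (user id %d)',
            $request->get_method(),
            $request->get_route(),
            isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown',
            get_current_user_id()
        ) );

        // rest_authorization_required_code() yields 401 for anonymous
        // callers and 403 for logged-in users lacking the capability.
        return new WP_Error(
            'rest_forbidden',
            __( 'You are not allowed to change iPOSpays settings.' ),
            array( 'status' => rest_authorization_required_code() )
        );
    }

    return $response;
}
add_filter( 'rest_request_before_callbacks', 'ipospays_guard_settings_route', 10, 3 );
```

This is a stopgap, not a fix: the root cause belongs in the plugin, where the route should be registered with register_rest_route() using a permission_callback that returns current_user_can() for the appropriate capability rather than a permissive callback. After deploying the guard, an unauthenticated POST to the route should return a 401 JSON error, and the entries written to the PHP error log give a simple signal to watch for attempts against the endpoint.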

Added: May 12, 2026, 9:48 AM
Updated: May 12, 2026, 9:48 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.4
remediation: 0.0
relevance: 8.1
threat: 4.8
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.